Freight invoice - spam example

Below is a scam email disguised as a freight invoice. The email looks perfectly normal.

We can judge from the header that it’s sent from Korea.

The email goes on:

„Dear Sir, the payment was made today. Kindly check the attached freight payment from charterers.“

The following screenshot shows the appearing notification when you open the attachment.

The APT attack bypasss the anti-virus software at first. Because the attachment is written in macro pattern, it executes other malicious patterns once you download it.

The analysis for APT from Cellopoint:

Such APT attacks happen often around us. When you open the attachment, it means to open a backdoor of your computer for hacker. When you are still confused about the email, the hacker already take control of your computer and view everything on your computer as you do.

Hacker can copy the confidential information by remote control. Although antivirus software and firewall are essential protection, they can’t block all of the modern malware and Data theft. The best prevention is not to open any suspicious email.

Relevant product: APT Email Attack Protection

For further information, please contact CelloConsult team: +886-2-8969-2558